Getting group id from userinfo endpoint

Hi Team i would like to ask question about assigning user to synced groups.

I want to implement feature in my system: When user logged in, user is assigned to groups created earlier during synchronization.

  1. I created groups in my system (using Okta Group API). I got name and group_ID in my system.
  2. I logged user using OIDC (Authorization Code Flow).
    I got thin ID Token, Access Token (with groups scope), and Refresh Token.
  3. Then i call UserInfo endpoint (because i can’t get user groups from ID Token).

Problem is, that UserInfo enpoint contains only Group name :frowning: . I can match it based on name, but there is issue, when this group is renamend etc.

So my question: Is there way how can I (as user in OIDC login) get all group_id’s where i’m assigned as user? (To be able to match this group id with synced groups earlier).

Thank you

You could look to use getFilteredGroups, as mentioned here: Customize tokens returned from Okta with a static allow list | Okta Developer.

It takes 3 arguments: a list of groups (by ID) to compare against, the value you want returned, and the limit. The second argument supports, which controls the output format.


getFilteredGroups({"00gxxxxxxxxxxx1", "00gxxxxxxxxxxx2"},"",100)